CVE-2007-4422

CVE-2007-4422 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.

Learn more about our User Device Pen Test.